CVE-2021-26624
HIGHeScan Anti-Virus < 7.0.31 - Local Privilege Escalation via runasroot Command
Title source: llmDescription
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by manipulating parameter values.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66596
Scores
CVSS v3
7.8
EPSS
0.0227
EPSS Percentile
80.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
escanav/escan_anti-virus
< 7.0.31
Published
Apr 01, 2022
Tracked Since
Feb 18, 2026